pfSense router cannot ping or perform nslookups
-
I recently moved, and with moving comes a new internet service providers, Bell to be specific. Bell's Home Hub 3000 router does not support bridged mode but instead provides Advanced DMZ. I took my pfsense router that I was using and hooked it up and set the WAN port to be in the HH3000's ADMZ and rebooted the pfsense box.
My pfSense machine is able to get the WAN IP of my HH3000 modem, but it cannot ping or perform nslookups.
Here is a picture of the routing table: https://i.imgur.com/50WCzW9.png You'll notice that the default gateway is 10.11.5.1, my router's WAN IP is 69.158.X.Y/1 which strikes me as weird.
Unfortunately I can't just get rid of the HH3000 since we also use it for telephony, unless there's some clever gadget I can use instead of it.
Anyone have any ideas? If there's any more information needed let me know.
Thanks
-
What is that subnet on WAN? /1 ! There's no way that's correct. Is it pulling that via DHCP?
Steve
-
Yup that's the IP my pfsense box gets from the modem.
-
Can it ping the gateway?
Can it ping anything outside 0/1, like 208.123.73.73?
Steve
-
No it cannot ping 10.11.5.1 or any other IP. They all fail.
-
@UntouchedWagons said in pfSense router cannot ping or perform nslookups:
my router's WAN IP is 69.158.X.Y/1 which strikes me as weird.
Not just weird, it's nuts! That /1 means you're on the same subnet as half the Internet, which is impossible.
Perhaps you should have a chat with the support. Yes, I know with Bell "support" is an oxymoron.
-
A /1 ?? no that not going to work at all..
69.x.x.x/1 would be the IP between 0.0.0.0 - 127.255.255.255, that is not a viable mask for an actual address. For a firewall rule or something, but on an interface.
Where are you seeing this /1, I see a default route of 0.0.0.0/1 which wouldn't be right either... But where are you seeing that your mask on your IP is /1?
-
@JKnott said in pfSense router cannot ping or perform nslookups:
Perhaps you should have a chat with the support. Yes, I know with Bell "support" is an oxymoron.
I've tried and they refused to help me because I'm using unsupported hardware.
@johnpoz said in pfSense router cannot ping or perform nslookups:
Where are you seeing this /1, I see a default route of 0.0.0.0/1 which wouldn't be right either... But where are you seeing that your mask on your IP is /1?
https://i.imgur.com/tzElBI8.png
-
Yeah that is F'd up..
That is what they are handing you via dhcp..
What is there supported hardware? Does it work if you plug your pc directly into their device?
Just set their device to do nat, maybe this Advanced DMZ mode is borked.. Just let their device nat, and do double nat.
-
@johnpoz said in pfSense router cannot ping or perform nslookups:
What is there supported hardware? Does it work if you plug your pc directly into their device?
I would imagine so. Right now I have a TP-Link 16 port switch between the Home Hub 3000 and my other networking equipment and they all work fine.
Just set their device to do nat, maybe this Advanced DMZ mode is borked.. Just let their device nat, and do double nat.
I guess I'll have to.
I just had a thought, however, I have two port forwarding rules set up, could they be interfering with the ADMZ?
-
Maybe I don't have any idea about that device features or functions... Reset it.. Let it do nat, get that working with pfsense, and then try and change it to advanced dmz mode and see if pfsense gets a normal IP with a realistic mask, etc. and works.
-
I completely disabled the modem's DMZ feature and did a DHCP release on the pfsense box. I reenabled Advanced DMZ on the modem and the pfsense box got the same IP and janky netmask as before, but now it can ping the outside world. So I don't know what's going on.
-
@UntouchedWagons said in pfSense router cannot ping or perform nslookups:
I've tried and they refused to help me because I'm using unsupported hardware.
That's why I said oxymoron. Several years ago, I was setting up Adtran routers on ADSL lines at two sites for a customer. One site went fine, but I couldn't get the other one going. When I called "support" (they were located in India, not Canada), they insisted I click on the Start button. Last I checked, Adtran routers didn't have a Start button. When I asked for 2nd level support, they hung up on me. It took the customer calling her sales rep at Bell, before I got someone in Canada, who was able to resolve the problem. I've had other experiences with them. At one time, they were a good company.
-
@UntouchedWagons said in pfSense router cannot ping or perform nslookups:
same IP and janky netmask as before, but now it can ping the outside world
Can you ping something that's in your half of the Internet, such as 8.8.8.8?
Also, try plugging an ordinary computer, running Windows, into it, see what you get, and give them a call if you're still getting the /1.
-
@JKnott said in pfSense router cannot ping or perform nslookups:
Can you ping something that's in your half of the Internet, such as 8.8.8.8?
It pings just fine
Also, try plugging an ordinary computer, running Windows, into it, see what you get, and give them a call if you're still getting the /1.
I'll give it a try.
